Multiple vulnerabilities in Gandia Integra Total by TESI
Gandia Integra Total, from version 2.1.2217.3 to 4.4.2236.1.
INCIBE has coordinated the publication of 8 vulnerabilities, 2 of critical severity and 6 of high severity that affect Gandia Integra of TESI, a software for the management of surveys and market analysis, versions from 2.1.2217.3 to 4.4.2236.1, which have been discovered by David Utón Amaya (m3n0sd0n4ld).
These vulnerabilities have been assigned the following codes, CVSS v4.0 base score, CVSS vector and CWE vulnerability type for each vulnerability:
- from CVE-2025-41370 to CVE-2025-41371: CVSS v4.0: 9.3 | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N | CWE-89
- from CVE-2025-41372 to CVE-2025-41377: CVSS v4.0: 8.7 | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N | CWE-89
These vulnerabilities have been fixed by the TESI team in version 4.4.2431.5.
SQL injection vulnerabilities have been found in Gandia Integra Total of TESI from version 2.1.2217.3 to v4.4.2236.1. They allow an authenticated attacker to retrieve, create, update and delete databases.
The list of parameters, endpoints and assigned identifiers is as follows:
- No authentication required:
  - CVE-2025-41370: 'idestudio' parameter in /encuestas/integraweb/html/view/acceso.php.
  - CVE-2025-41371: 'idestudio' parameter in /encuestas/integraweb_v4/integra/html/view/acceso.php.
- With authentication:
  - CVE-2025-41372: 'idestudio' parameter in /encuestas/integraweb[_v4]/integra/html/view/informe_campo_entrevistas.php.
  - CVE-2025-41373: 'idestudio' parameter in /encuestas/integraweb[_v4]/integra/html/view/hislistadoacciones.php.
  - CVE-2025-41374: 'destudio' parameter in /encuestas/integraweb[_v4]/integra/html/view/gestpaginasesp.php.
  - CVE-2025-41375: 'idestudio' parameter in /encuestas/integraweb[_v4]/integra/html/view/consultaincimails.php.
  - CVE-2025-41376: 'idestudio' parameter in /encuestas/integraweb[_v4]/integra/html/view/consultacuotasred.php.
  - CVE-2025-41377: 'idestudio' parameter in /encuestas/integraweb[_v4]/integra/html/view/consultacuotas.php.
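As an added defender-side illustration (not code from INCIBE, TESI or the researcher), the following Python scans a web-server access log for requests to the affected endpoints listed above whose study-id parameter is not a plain integer, which is a useful triage signal while the fixed version is being rolled out. It assumes the ids are numeric and that the log uses the common/combined format; the log lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Endpoints and parameters from the advisory; the "[_v4]" variants are expanded.
AFFECTED = {
    "/encuestas/integraweb/html/view/acceso.php": "idestudio",
    "/encuestas/integraweb_v4/integra/html/view/acceso.php": "idestudio",
}
for script, param in (("informe_campo_entrevistas.php", "idestudio"),
                      ("hislistadoacciones.php", "idestudio"),
                      ("gestpaginasesp.php", "destudio"),
                      ("consultaincimails.php", "idestudio"),
                      ("consultacuotasred.php", "idestudio"),
                      ("consultacuotas.php", "idestudio")):
    for variant in ("integraweb", "integraweb_v4"):
        AFFECTED[f"/encuestas/{variant}/integra/html/view/{script}"] = param

# Assumption: study identifiers are plain decimal integers.
ID_RE = re.compile(r"^\d{1,10}$")
# Common log format: client ident user [time] "METHOD target HTTP/x" status ...
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (\S+) HTTP/[\d.]+" \d{3} ')

def check_line(line):
    """Return (client, path, param, value) for a request to an affected
    endpoint whose study-id parameter is not numeric, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    client, target = m.groups()
    parts = urlsplit(target)
    param = AFFECTED.get(parts.path)
    if param is None:
        return None
    values = parse_qs(parts.query, keep_blank_values=True).get(param, [])
    bad = [v for v in values if not ID_RE.match(v)]
    return (client, parts.path, param, bad[0]) if bad else None

def scan(lines):
    return [hit for hit in map(check_line, lines) if hit]

# Constructed sample lines (not real traffic).
SAMPLE = [
    '203.0.113.5 - - [10/Mar/2025:10:00:01 +0100] "GET /encuestas/integraweb_v4/integra/html/view/acceso.php?idestudio=1234 HTTP/1.1" 200 512',
    '203.0.113.5 - - [10/Mar/2025:10:00:02 +0100] "GET /encuestas/integraweb_v4/integra/html/view/acceso.php?idestudio=1234%27 HTTP/1.1" 500 0',
    '198.51.100.7 - - [10/Mar/2025:10:00:03 +0100] "GET /encuestas/integraweb/integra/html/view/gestpaginasesp.php?destudio=abc HTTP/1.1" 200 4096',
    '198.51.100.7 - - [10/Mar/2025:10:00:04 +0100] "GET /encuestas/integraweb/integra/html/view/otro.php?idestudio=x HTTP/1.1" 200 100',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE):
        print("suspicious study id:", hit)
```

Only query-string parameters appear in access logs; if the application accepts these parameters in POST bodies, the same check has to run in the application or a WAF, and the real fix remains upgrading to 4.4.2431.5.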